[go: up one dir, main page]
Skip to content

Docs feedback: Incorrect Documentation for X509 Validation?

Problem to solve

I am troubleshooting why commits signed with an X509 certificate (actually US Government PIV card) are not validating. The documentation says to run signature.user.nil? and it should return false. Instead, it throws an exception:

irb(main):021:0> signature.user.nil?
irb(main):022:0*
(irb):21:in `<main>': undefined method `user' for #<Gitlab::X509::Signature:0x00007f1f5e9e3ed0 @signature_text="-----BEGIN SIGNED MESSAGE-----XXXXXXXXX-----END SIGNED MESSAGE-----", @signed_text="tree d65bbe94c074328a24701379d5da8d42ab98fa82\nparent f6329c99a36c9bd5e6f4e7917f494f41e08855ed\nauthor Yehuda Katz <YEHUDA.KATZ@example.gov> 1732211289 -0500\ncommitter Yehuda Katz <YEHUDA.KATZ@example.gov> 11111111111 -0500\n\nSigned by f83d73ff9bc325dcab76c789a06148f95b01aeeb\n", @email="YEHUDA.KATZ@example.gov", @created_at=2024-11-21 12:48:09 -0500, @p7=#<OpenSSL::PKCS7:0x00007f1f67ae3930 @data="", @error_string="certificate verify error">, @cert_store=#<OpenSSL::X509::Store:0x00007f1f67ae37f0 @verify_callback=nil, @error=nil, @error_string=nil, @chain=nil, @time=nil, @_httpclient_cert_store_items=["/opt/gitlab/embedded/ssl/cert.pem"]>, @cert=#<OpenSSL::X509::Certificate: subject=#<OpenSSL::X509::Name UID=22222222222+CN=YEHUDA KATZ,OU=People,OU=XXXXX,O=U.S. Government,C=US>, issuer=#<OpenSSL::X509::Name OU=CA,OU=Certification Authorities,OU=XXXXXX,O=U.S. Government,C=US>, serial=#<OpenSSL::BN:0x00007f1f673>, not_before=2024-10-09 13:21:57 UTC, not_after=2027-10-08 04:00:00 UTC>, @verified_signature=false> (NoMethodError)
        from /opt/gitlab/embedded/lib/ruby/gems/3.2.0/gems/railties-7.0.8.4/lib/rails/commands/console/console_command.rb:74:in `start'
        from /opt/gitlab/embedded/lib/ruby/gems/3.2.0/gems/railties-7.0.8.4/lib/rails/commands/console/console_command.rb:19:in `start'
        from /opt/gitlab/embedded/lib/ruby/gems/3.2.0/gems/railties-7.0.8.4/lib/rails/commands/console/console_command.rb:106:in `perform'
        from /opt/gitlab/embedded/lib/ruby/gems/3.2.0/gems/thor-1.3.1/lib/thor/command.rb:28:in `run'
        from /opt/gitlab/embedded/lib/ruby/gems/3.2.0/gems/thor-1.3.1/lib/thor/invocation.rb:127:in `invoke_command'
        from /opt/gitlab/embedded/lib/ruby/gems/3.2.0/gems/thor-1.3.1/lib/thor.rb:527:in `dispatch'
        from /opt/gitlab/embedded/lib/ruby/gems/3.2.0/gems/railties-7.0.8.4/lib/rails/command/base.rb:87:in `perform'
        from /opt/gitlab/embedded/lib/ruby/gems/3.2.0/gems/railties-7.0.8.4/lib/rails/command.rb:48:in `invoke'
        from /opt/gitlab/embedded/lib/ruby/gems/3.2.0/gems/railties-7.0.8.4/lib/rails/commands.rb:18:in `<top (required)>'
        from <internal:/opt/gitlab/embedded/lib/ruby/site_ruby/3.2.0/rubygems/core_ext/kernel_require.rb>:37:in `require'
        from <internal:/opt/gitlab/embedded/lib/ruby/site_ruby/3.2.0/rubygems/core_ext/kernel_require.rb>:37:in `require'
        from bin/rails:4:in `<main>'